Wednesday, April 24, 2019

UK cyber boss downplays threat of Five Eyes security rift over Huawei

LONDON: The head of Britain’s cyber centre said governments in the Five Eyes intelligence alliance had not always been aligned over Huawei, downplaying any threat of a rift as the UK prepares to give the Chinese company access to 5G networks.

A security source has told Reuters that Britain will allow Huawei access to non-core parts of the 5G network, but block it from all core parts of the system. The United States had told allies not to use Huawei’s technology because of fears it could be a vehicle for Chinese spy operations.

“It’s objectively the case that in the past decade there have been different approaches across the Five Eyes and across the allied wider Western alliance towards Huawei and towards other issues as well,” Ciaran Martin, the head of GCHQ’s National Cyber Security Centre, told BBC radio.

He declined to confirm or deny the reports regarding Huawei but said the government would make a decision soon.

“The review that the secretary of state will announce in due course is about much more than just Huawei, much more than about China, it’s about the fundamentals of how to keep these networks safe from any attacker,” he said.

He said the NCSC assessed security requirements objectively and it set standards according to the vulnerability of different parts of the telecoms networks.

Currently, Huawei’s equipment is either not present or being removed from existing core networks, but it is widely used in lower risk parts like radio masts.

“There are parts of that network that move from hardware to software which are extremely sophisticated, they are the controlling brain, there are parts that simply transport data through fibre over land that don’t know what they are carrying and there are parts in between,” he said.

Telecom operators like Vodafone have said a complete ban on Huawei would seriously handicap Britain in the race to role out the vital technological upgrade.

“Some of the 5G infrastructure is built over existing networks so it’s not as if we are completely reinventing the wheel here,” Martin said.

He added that the National Cyber Security Centre had set out both publicly and to the government its objective, independent technical assessment of what was needed to protect future networks.